You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
bugSomething isn't workingSecurityRelated to existing or potential security vulnerabilitiesWeaverTasks related to the future of Cactus & Weaver together.
bugSomething isn't workingSecurityRelated to existing or potential security vulnerabilitiesWeaverTasks related to the future of Cactus & Weaver together.
Describe the bug
GHSA-29mw-wpgm-hmr9
Moderate severity
gluegun uses lodash.trim, loadash.trimend versions with the above mentioned vulnerability
└─ gluegun@npm:5.1.6
└─ lodash.trim@npm:4.5.1 (via npm:^4.5.1)
└─ gluegun@npm:5.1.6
└─ lodash.trimend@npm:4.5.1 (via npm:^4.5.1)
And are present in our packages here,
├─ @hyperledger/cacti-weaver-besu-cli@workspace:weaver/samples/besu/besu-cli
│ └─ gluegun@npm:5.1.6 (via npm:5.1.6)
│
└─ @hyperledger/cacti-weaver-fabric-cli@workspace:weaver/samples/fabric/fabric-cli
└─ gluegun@npm:5.1.6 (via npm:5.1.6)
Steps to reproduce
yarn why lodash.trim
yarn why lodash.trimend
yarn why gluegun
@VRamakrishna @sandeepnRES
The text was updated successfully, but these errors were encountered: